Need pfSense Low Power Build Advice

[Fodmidoid]

Hi All,

I have decided to build a dedicated pfSense device for my home Fios connection, which is currently 150/150 Mbps. I need something inexpensive, low-power, yet with enough performance to handle any and all apps I choose to install, such as OpenVPN, Squid, Snort, etc.

Requirements:
Mini-ITX (possibly MicroATX
Minimum 2.0 Ghz processor with AES-NI
VT-X/D would be bonus
At least 3 Intel gigabit NIC ports (even if it means PCIe)
Decent PCIe on board (not 1x)
At least 8 GB RAM
SSD or M.2 perhaps?
Quiet
Power supply (Pico?)
Case recommendations

I was considering a C2758 or Xeon D-1518 but I think I'd rather not spend so much on a home firewall and build something very cost effective myself. Is this doable?

I don't think I'm interested in J1900 or anything else that may fall short of performance.

If you could provide me with a complete build list, I'd be real grateful but a motherboard and CPU recommendation would go a long way too. Thanks so much, everyone.

 

[marcoi]

whats your budget? by the list you provided it looks like you prefer super small size vs budget?

An example : you can get a consumer mb like the following: ASRock H270M-ITX/ac LGA 1151 Intel H270 HDMI SATA 6Gb/s USB 3.0 Mini ITX Motherboards - Intel - Newegg.com

then a used e3 xeon or i3 cpu. It has a slot for an additional nic.

 

[whitey]

Isn't this pretty much a duplicate of your other thread in which there were quite a few valid recommendations? Did you decide against using your Dell SFF machine?

 

[Patrick]

The J1900 is similar in performance to the C2550 but you will want AES-NI.

What is your timeframe?

I still use a few of these:
*NEW* SuperMicro A1SRI-2558F Mini-ITX Motherboard ***FULL MFR WARRANTY*** | eBay

With Amazon.com: Supermicro Rack Mount Server Chassis CSE-505-203B: Computers & Accessories

I do like having IPMI access for the pfSense upgrades that go poorly.

 

[Fodmidoid]

Isn't this pretty much a duplicate of your other thread in which there were quite a few valid recommendations? Did you decide against using your Dell SFF machine?

Yeah, I decided not to go with my current Dell desktop because it was lacking AES-NI.

 

[mattr]

I'm using a A1SAM-2550F for my pfSense and it's running great. Using a CSE-510-203B. Though I kind of wish I had a chassis that mounted the other way so the ports could be front facing.

 

[Fodmidoid]

whats your budget? by the list you provided it looks like you prefer super small size vs budget?

An example : you can get a consumer mb like the following: ASRock H270M-ITX/ac LGA 1151 Intel H270 HDMI SATA 6Gb/s USB 3.0 Mini ITX Motherboards - Intel - Newegg.com

then a used e3 xeon or i3 cpu. It has a slot for an additional nic.

Thanks. I'm currently looking at the following CPU. It's an Intel Core i3-7100 Kaby Lake Dual-Core 3.9 GHz LGA 1151 51W. Would that pair up nicely with this board? If I needed to add an Intel Quad NIC, there woudn't be any issues with this PCIe version? I think I read somewhere that poeple were having trouble getting pfSense to recognize one of the NICs on this board if I'm not mistaken. But, if it's okay, I think this could be a good candidate for sure. Can anyone confirm they've used this board with pfSense wihout issues?

Amazon.com: Intel BX80677I37100 7th Gen Core Desktop Processors: Computers & Accessories

 

[PigLover]

I think you are over-thinking here.

You still need to find a MB. Then you'll be looking for NIC cards. They you'll realize you need a bigger case because the NIC card takes up room, and then..., and then...

By the time you are done you'll spend more than the cot of a mITX 2558. And you'll have a system that is larger and more cumbersome than you needed.

 

[Fodmidoid]

The J1900 is similar in performance to the C2550 but you will want AES-NI.

What is your timeframe?

I still use a few of these:
*NEW* SuperMicro A1SRI-2558F Mini-ITX Motherboard ***FULL MFR WARRANTY*** | eBay

With Amazon.com: Supermicro Rack Mount Server Chassis CSE-505-203B: Computers & Accessories

I do like having IPMI access for the pfSense upgrades that go poorly.

Well, I was hoping to get started right away, but I could off a bit if there was something really juicy coming soon.

I've looked into the C2558 and C2758 quite a few times but wasn't sure if it was the best way to go.

I like the setup, but I've wondered how quiet it is in that rackmount case? I have a small server cabinet that this could go into but it would be sitting on my loving room and I really don't want to hear the fans. Plus there's the WAF, of course, but she'3 pretty cool like that.

Do you think this setup is better than going with the i3-7100 Kaby Lake with an ASRock H270M-ITX/ac, as suggested above?

Thanks a lot, Patrick.

 

[whitey]

My vote is still a SG-1000 or a APU2C4 wink wink

Now you KNEW I couldn't resist throwing that in right?

Those SM atom boards @Patrick, @PigLover @mattr have suggested are good options as well, expecially if you want/need IPMI.

 

[Fodmidoid]

I think you are over-thinking here.

You still need to find a MB. Then you'll be looking for NIC cards. They you'll realize you need a bigger case because the NIC card takes up room, and then..., and then...

By the time you are done you'll spend more than the cot of a mITX 2558. And you'll have a system that is larger and more cumbersome than you needed.

Valid points.

Though I do like the idea of putting something together, too. It's been years. However, this can't be the deciding factor. Cost and most-logical for my uses are what's important.

 

[Patrick]

My other bit of advice here is that if you are like me, Internet access failing is an indicator that my day could be better.

BTW... I hear there is a site with pfSense hardware recommendations: Top Hardware Components for pfSense Appliances

 

[bds1904]

Honestly, if the pfSense (Netgate) SG-2220 doesn't fit your needs the SG-2440 is an awesome solution. Don't get me wrong, I love building my own setups but for the ease of setup, warranty and support the 2440 is hard to beat. Did I mention it has no moving parts?

There is something to be said about an appliance (especially pfSense) that just works.

 

[Markus]

Just got my APU2C4.
I am going to build an OPNSense Appliance with this.

 

[Fodmidoid]

Can anyone tell me if the SuperMicro A1SRI-2558F Mini-ITX Motherboard and Supermicro Rack Mount Server Chassis CSE-505-203B is quiet enough to run in the living room in a small TrippLite rack?

 

[Patrick]

It should be. The trick is that with that particular motherboard you need to add a fan for the 15w SoC. The SoC heatsink does require a fan to cool it but it does not require a ton of airflow. The barebones CSE-505-203B does not have the fan(s) you need.

You can see the barebones internals (with the C2758) here: Supermicro SuperServer SYS-5018A-FTN4 Intel Atom C2758 200W 1U Rackmount Server

 

[ServerSemi]

I had same dilema a month ago and ended up going overkill with a i7-7700t and asrock mini itx motherboard.

 

[PigLover]

Can anyone tell me if the SuperMicro A1SRI-2558F Mini-ITX Motherboard and Supermicro Rack Mount Server Chassis CSE-505-203B is quiet enough to run in the living room in a small TrippLite rack?

Its not rackmoun, but I guarantee that this case would make it quiet enough: Akasa Thermal Solution

 

[Fodmidoid]

I had same dilema a month ago and ended up going overkill with a i7-7700t and asrock mini itx motherboard.

Thanks. How was that experience for you? I assume good if you posted, but wanted to check.

Do you know what user total cost was?

 

[Fodmidoid]

It should be. The trick is that with that particular motherboard you need to add a fan for the 15w SoC. The SoC heatsink does require a fan to cool it but it does not require a ton of airflow. The barebones CSE-505-203B does not have the fan(s) you need.

You can see the barebones internals (with the C2758) here: Supermicro SuperServer SYS-5018A-FTN4 Intel Atom C2758 200W 1U Rackmount Server

Thanks, Patrick.

Between the C2558 and C2758, you think I'm fine with the C2558?